VPN ideas


(Lorenzo "Palinuro" Faletra) #42

there is one single node that knows your real ip, your traffic and your target hosts at the same time

this is NOT anonymity


#43

if you talk like that you can add all nodes you want each nodes know the ip of the precedent so this is not anonymity… And on vpn it is possible like i do with mine to have mutliple nodes…

Anonymity is not a question of how much nodes your packets go through before your target… theory is beautiful but go on real story and you will see tor users going to jail (wonderful anonymity), and vpn user with real no logs policy staying free…

Say me how you can trace someone using something like protonvpn secure core paid with bitcoin and with their no logs???


(Ken Mortensen) #44

For connectionistsystems:
I use ProtonVPN and installed these in terminal: network-manager-openvpn-gnome
wget
python
resolvconf
OpenVPN is already installed in Parrot.
This works for me. Try it or try some of it.


#45

one thing is sure, using protonvpn and tor on top of it will always be better than tor only, since your ISP won’t know you use tor.

@rl1k @palinuro but check that if you want to see other ways to be secure/anonymous https://cryptolok.blogspot.com/2018/07/ghostinthechaos-chaotic-crypto-stealth.html

i2p can be much better than tor in some situations.


(Matt) #46

I agree certain use cases would warrant using a VPN to TOR connection, or at least some kind of extra hop.

Such as Eldo Kim https://www.theregister.co.uk/2013/12/18/harvard_bomb_hoax_charge/ (A good example of how tor will not keep you anonymous). If he had used a similar service/ technique, he might not have been found out so easily.

But you would still have to trust your VPN provider. :man_shrugging:


(Lorenzo "Palinuro" Faletra) #47

cryptolok ? a free blogspot blog?

it does not look like an authoritative source of information but i added the article to my reading list.

my question is: why should i trust protonvpn?

tor puts technical limitations to traffic inspection, and it is pretty hard to bypass such countermeasures

a vpn provider does NOT have any technical limitations

you probably don’t know that the tor project already provide some features to bypass ISP censorship based on both entry node addresses and deep packet inspection

these are some tor documentation pages you should absolutely read before you try to convince people that centralized technologies have something to do with network anonymity:

https://www.torproject.org/docs/bridges

https://www.torproject.org/docs/pluggable-transports

https://bridges.torproject.org

https://svn.torproject.org/svn/projects/design-paper/blocking.html

further readings:

https://www.freehaven.net/anonbib/topic.html#Anonymous_20communication


#48

here is the project, with the steps to follow https://github.com/cryptolok/GhostInTheChaos/

you’re absolutely right about VPNs, and i did not try to convince anyone to think that VPN have to do with anonymity, but using a VPN following with TOR hide the fact to your ISP that you’re using tor, they will only see some traffic going on ssh thats all

using TOR only though, your ISP will know that you use it, now some users might not care about theirs ISP seeing the TOR traffic, but not all, that’s why i wrote about it.

and yes i know about the bypass ISP censorship feature, i studied TOR and i2p before using it.

i think i expressed myself badly, you are concerned about the ISP seeing the TOR traffic and blocking it, in which case yes bridge can be used. what i’m concerned about is correlation

edit : about the project, here is a picture so you get an idea


(olegov) #49

the best way is change dns & then use dns crypt & macchanger with tor network and good vpn client
but ther is no 100%100 protection when you login to network bro


(Amzker Pro Hacker) #50

What if we create loop of network
And then surf with VPN😜
Yes superb idea


(Lorenzo "Palinuro" Faletra) #51

changing dns makes your traffic pass through your ISP anyways and it does not fix the problem

dnscrypt is interesting, but again, no advantages here

macchanger is completely useless as your ISP does not know your mac address


(Nico Paul) #52

More hops doesnt make it harder to trace, it merely means theres more data to have the potential of leaking. The only way to be a ghost online is to never get online in the first place, for the rest of us onion routing makes the most sense theoretically to mask source/destination but not content.


(olegov) #53

i know lol everything pass through isp srvs even i change many things they still can see me
but ther is many way to do some evil jobs lol without let any real trace


(Nico Paul) #54

in no situation do we condone utilizing anything associated with or created by Parrotsec for anything malicious or Illegal, that is a serious violation of our policies and community guidelines.


(Amzker Pro Hacker) #56

I Don’t Think that getting 100% anonymity is posible , Yes Traceback off possible but not anonymity

Yes if you know better than it that you able to take 100% anonymity
Post your idea ,
happy to learn - Amzker

Also Community Dev /member/admin it’s not mean that he is GOD Of Linux


#57

for sure 100% of anonymity is theorically impossible but for the 99% of case where a suspect is arrested after using VPS,vpn and tor it was a problem of the VPN using log, or by a mistake of the suspect, metadata in file sent, exif in image, using same mail for a day to day and illegal activity (look the case of drug black market on tor ;)) , hack back action like darkoverlord case etc etc but they never back to the source through all those protection without an error or a snitch :wink:


#58

the guy above wrote about doing “evil things”, and Nico_Paul just made things clear with that, and he’s right, even if it’s the random category, ParrotSec is about security, it’s not a pirate forum
now a pentester might need to be totally invisible for certains works, but romanov was not clear on what he’s speaking about

@Amzker yes it’s not possible, you can only make things harder for tracing


(Nico Paul) #59

I would hate to close this thread because of the wealth of discussion here, hopefully we can keep it all within our guidelines and be civil so that we can all continue to discuss this! Maybe we could merge with the other vpn topic in this category that’s also very informative?


(olegov) #60

hi p-c to be clear for every one i don’t talk about pirate or any stuf about this subject
my talk’s is i don’t like anyone folow me or try to see what i do even is isp srvs
evil things is hide what i do from other’s and i know what mean privacy of other’s


(Abdel Rhman Anter) closed #61